Closed Bug 285382 Opened 20 years ago Closed 20 years ago

Microsoft "update" KB891711 stops FireFox & Thunderbird from running. Goes to a 'blue screen'

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Platform:
x86
Windows 98
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: manganime001, Assigned: bugzilla)

References

Details

(Whiteboard: [asaP1]) 

User-Agent:       Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7.6) Gecko/20050225 Firefox/1.0.1 (ax)
Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7.6) Gecko/20050225 Firefox/1.0.1 (ax)

Microsoft's alleged bugfix KB891711 has stopped both FireFox & Thunderbird from
running. As soon as either program is run it goes to a blue-screen and the only
option is to kill the application. I noticed a process in task manager with this
number & after terminating this task FireFox & Thunderbird run fine. This only
started happening after running latest windows update when this particular
bugfix was installed. This bugfix is supposed to be for all MicroSoft OSes.

Reproducible: Always

Steps to Reproduce:
1. Download & install KB891711 bugfix from MicrSoft
2. Try to run either FireFox or Thunderbird
3.

Actual Results:  
PC went to a blue-screen
*** Bug 285384 has been marked as a duplicate of this bug. ***
Confirmed this in a big way today too.  I don't get a blue screen, just a lock
up (no mouse and not much other control, ctrl-alt-del works) and 3-4 beeps that
sounded like a failing hard drive or bad memory error beep sequence from the
motherboard. The process (c:\windows\system\kb891711\kb891711.exe) is
automatically started when windows starts. The windows update can be disabled
(?) using the Windows Configuration Utility (msconfig.exe) Composing this bug
report with Firefox right now.
Kb891711 crashes Win Me too.
"Fatal exception 06 has occurred at 0000:00000017 ..."

i've never worked on Win98 but i'd expect 6 to be "invalid handle".

Mozilla/5.0 (Windows; U; Win98; en-GB; rv:1.7.6) Gecko/20050226 Firefox/1.0.1

Win98 SE 4.10.2222 A

MS says 891711 fixes an unchecked buffer vulnerability in Hyperlink Object
Library.  Curiously the patch installs an image, which always runs in the
background, and a DLL.  Seems an odd way to fix a buffer overrun.
In Win98 KB891711 slows Firefox & Thunderbird down to an almost unusable state
whenever graphics are being displayed.  Whatever the patch did it left it's
remains even uninstalling it because the results are still poor.  I had no
issues at all prior to this patch.  At first thought it was just a system
problem.  Did a defrag & ran a full virus scan.  Am using Panda Internet
Security 2005 firewall. And interestingly, IE 6.0 is not effected by this patch.
 IE performance now surpassess Firefox...gee what a coincidence!
Blocks: 285470
This is a widely reported problem for Win98 users.

Several people in forums hinted that it may be a problem with the patch itself.
Not sure how trustworthy they are.

ms security bulletin:
http://www.microsoft.com/technet/security/Bulletin/MS05-002.mspx
mozillazine thread on this: http://forums.mozillazine.org/viewtopic.php?t=232880
Status: UNCONFIRMED → NEW
Ever confirmed: true
I've gotten a report that a user experiencing this crash was able to go back to
Thunderbird 1.0 and run just fine. Is that true for any of you Firefox folks who
can reproduce this?

If it's an interaction between KB891711 and something that changed between ff1.0
and ff1.0.1 then maybe we can fix it on our end rather than wait for Microsoft.
Blocks: 288108
Flags: blocking-aviary1.1+
Whiteboard: [asaP1]
http://www.techweb.com/wire/security/159907205
 "Microsoft has received reports about issues with KB891711 on Windows 98,  
 Windows 98 SE and Windows ME," wrote Jerry Bryant for the Microsoft Security 
 Response Center (MCSE). "At this point, we have been able to confirm these 
 reports and are currently working on a resolution."
Patch was re-released 12 April (see
http://support.microsoft.com/default.aspx?scid=kb;en-us;891711).  i installed
the updated version 14 April.  i've not seen the problem since.  As far as i'm
concerned MS have successfully patched their patch.  Probably not worth further
investigation to see if there is a vulnerability in the mozilla code.
Status: NEW → RESOLVED
Closed: 20 years ago
Flags: blocking-aviary1.1+ → blocking-aviary1.1-
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.